Barclays are taking steps to avoid the threat posed by card skimmers with a new trial of a system that allows customers to withdraw money from ATMS using only their smart-phones.

The cardless withdrawal system is thought to be a simpler system than the one introduced by RBS four years ago which allowed customers to withdraw up to £130 at a time by typing a special code which had been texted to them by RBS into the ATM.

With the simpler Barclays system, the customer will be able to use their normal PIN in combination with leaving their smart phone handset near to the bank machine, thereby enabling “contactless” near-field communication (NFC) transmission.

Even Simpler In Future

It has been reported that Barclays are working on ways to make contactless cash withdrawal simpler still in the future by enabling customers to either being able to wave their phone handset near to the cash machine before typing in their PIN, or wave an NFC-enabled card next to the reader (again in combination with a PIN).

Why Contactless?

Clearly, the ability of criminals to use card skimming has been a major motivator in Barclays wanting to find a system that avoids the use of cards in cash withdrawals. With card skimming, criminals attach a skimming device and often a miniature camera to ATMs in order to steal the details from a card’s magnetic code and record the card’s PIN. This enables them to clone a card and to withdraw money with it.

Other reasons why Barclays have moved toward contactless withdrawal systems are to avoid the risk of ‘distraction fraud’ where thieves use distraction techniques to observe the PIN being typed and to steal the card, as well as avoiding the risk of entrapment devices. These devices are inserted into the ATM card slot in order to stop the card being returned and to fool the user into typing their PIN in again whereupon it can be recorded by the device. This gives the thief the PIN and the card (when they come back to retrieve the device).

Which Phones?

At present, the new Barclays system can only be used with Android phones. This is essentially because Apple limits the use of iPhones’ NFC chips for its own Apple Pay facility and therefore doesn’t allow third-party apps access.

Where Is The Trial Taking Place?

The trial / pilot of the new Barclays smart-phone “contactless cash” service is taking place at 180 branches across the north of England. If the trial is successful the plan is to have a wider rollout (in an as yet unspecified area) by 2017.

What Does This Mean For Your Business?

This shows that along with the introduction of biometrics, banks are now taking serious steps to plug security holes and to get one step ahead of many of the more crude but successful methods that criminals have been using to steal money from individuals and businesses alike.

This kind of trial can therefore only be good news, although the recent theft from the current accounts of 9,000 Tesco Bank customers shows that bank systems still have many vulnerabilities, many of which they may not know about until it is too late.